Home > mailing lists

Re: GRANT/REVOKE: Allow column-level privileges - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: GRANT/REVOKE: Allow column-level privileges
Date	January 30, 2006 00:16:40
Msg-id	24506.1138583800@sss.pgh.pa.us Whole thread Raw
In response to	Re: GRANT/REVOKE: Allow column-level privileges (Euler Taveira de Oliveira <eulerto@yahoo.com.br>)
Responses	Re: GRANT/REVOKE: Allow column-level privileges (kevin brintnall <kbrint@rufus.net>)
List	pgsql-hackers

Tree view

Euler Taveira de Oliveira <eulerto@yahoo.com.br> writes:
> --- kevin brintnall <kbrint@rufus.net> escreveu:
>> if user matches an acl for the column
>>    .. and priv is granted, then permit
>>    .. else priv is not granted, reject
>> else fall through to table privileges

> Wouldn't it be more cheap to test the most-common-case table privileges
> first?

Also, the "reject" bit is wrong: if you have table-level privileges
then that implies privileges on all columns.  So it should be just
an additional test made after failing to find the desired table-level
privilege, and before erroring out.
        regards, tom lane

pgsql-hackers by date:

From: Euler Taveira de Oliveira
Date: 29 January 2006, 23:28:02
Subject: Re: GRANT/REVOKE: Allow column-level privileges

From: "Mark Woodward"
Date: 30 January 2006, 01:03:21
Subject: Re: Want to add to contrib.... xmldbx

Re: GRANT/REVOKE: Allow column-level privileges - Mailing list pgsql-hackers

Previous

Next